|
Should have read more about WDS
#317727 - 11/23/13 03:21 AM
|
|
|
Broken system. Generally doesn't work with WPA2 so you'd never get N speeds with it. Decided to wire the AirPort Extreme to my ASUS Router and create 2 new wireless networks (1 2.4 and 1 5ghz). Not very efficient, but I can at least leave my ASUS said set to attwifi and bounce the MAC address around for street passes on my 3ds, without knocking my (and my wife's) other devices off of the network ![](//www.mameworld.info/ubbthreads/images/graemlins/icon_rolleyes.gif)
I only got the AirPort Extreme because it was $35.
|
Just broke my personal record for number of consecutive days without dying!
|
|
redk9258 |
Regular
|
|
|
Reged: 09/21/03
|
Posts: 3968
|
Loc: Troy, Illinois USA
|
|
Send PM
|
|
|
|
I bought an Asus RT-N12B1 router after my Linksys died for around $40. Seems to work pretty good. I've never been this long before without a reboot...
[ATTACHED IMAGE]
|
|
|
|
Re: Should have read more about WDS
[Re: redk9258]
#317735 - 11/23/13 07:26 AM
|
|
|
Assuming your ASUS router has the same options as my ASUS RT-N16, you might be interested to know that there's a poorly documented setting on the Wireless-->General page for "Authentication Method". If you set this to "WPA-Auto-Personal", it will default to WPA2 for clients that support it, but will also fall back to plain WPA for older clients like the PS Vita, which apparently doesn't support WPA2. For the most compatibility with older clients, you probably want to set the "WPA Encryption" setting to "TKIP+AES" as well.
|
GroovyMAME support forum on BYOAC
|
|
|
Re: Should have read more about WDS
[Re: krick]
#317749 - 11/23/13 02:57 PM
|
|
|
I have custom firmware on mine... easy tomato (for my OpenVPN connection, mainly)
It has tons of options like that and the only thing I've had problems with is my "wireless ready" Sony Bravia with Sony's POS proprietary dongle. Even though it seems stupid to wire the APEx to the ASUS in the same room... it's actually working out very well for me! The simultaneous dual wireless on the APEx is the best part. I didn't realize that I had items in the house that could operate on the 5ghz band... And because it's bridged to my ASUS, I have much easier control over what's on my network than using the APEx alone (and either trying to learn what little control I have with the Airport Utility or suffering through the god awful .baseconfig file. Also... everything automatically goes through the VPN too so Netflix and stuff just works.
As I said before... now I can play with the MAC address of my ASUS wireless network all I want and rack up the street passes on my 3DS, without confusing every other wireless thing in the place
|
Just broke my personal record for number of consecutive days without dying!
|
|
redk9258 |
Regular
|
|
|
Reged: 09/21/03
|
Posts: 3968
|
Loc: Troy, Illinois USA
|
|
Send PM
|
|
|
Re: Should have read more about WDS
[Re: krick]
#317752 - 11/23/13 05:18 PM
|
|
|
I have had no problems connecting things to the network. I don't see the same settings you describe, but I think I always set the connecting devices to "TKIP+AES".
I filter all mac addresses and do not broadcast SSID either.
|
|
|
|
Re: Should have read more about WDS
[Re: redk9258]
#317762 - 11/24/13 03:03 AM
|
|
|
> I have had no problems connecting things to the network. I don't see the same > settings you describe, but I think I always set the connecting devices to "TKIP+AES". > > I filter all mac addresses and do not broadcast SSID either.
I hope you realise you're not actually improving security: http://blogs.technet.com/b/networking/ar...a-bad-idea.aspx
|
|
|
DMala |
Sleep is overrated
|
|
|
Reged: 05/09/05
|
Posts: 3989
|
Loc: Waltham, MA
|
|
Send PM
|
|
|
Re: Should have read more about WDS
[Re: Vas Crabb]
#317770 - 11/24/13 06:46 AM
|
|
|
> > I have had no problems connecting things to the network. I don't see the same > > settings you describe, but I think I always set the connecting devices to > "TKIP+AES". > > > > I filter all mac addresses and do not broadcast SSID either. > > I hope you realise you're not actually improving security: > http://blogs.technet.com/b/networking/ar...a-bad-idea.aspx
Filtering MAC addresses is also pretty useless. Anyone who is motivated to break in can find and spoof a MAC address without breaking stride.
|
|
|
redk9258 |
Regular
|
|
|
Reged: 09/21/03
|
Posts: 3968
|
Loc: Troy, Illinois USA
|
|
Send PM
|
|
|
Re: Should have read more about WDS
[Re: DMala]
#317774 - 11/24/13 07:19 AM
|
|
|
> > > I have had no problems connecting things to the network. I don't see the same > > > settings you describe, but I think I always set the connecting devices to > > "TKIP+AES". > > > > > > I filter all mac addresses and do not broadcast SSID either. > > > > I hope you realise you're not actually improving security: > > > http://blogs.technet.com/b/networking/ar...a-bad-idea.aspx > > Filtering MAC addresses is also pretty useless. Anyone who is motivated to break in > can find and spoof a MAC address without breaking stride.
Hell, sounds like I should just not even use wireless at all. So, when a wireless device is trying to connect to the network, it tells the SSID and MAC address so the router will allow it to connect? I figured there are enough neighbors broadcasting the SSID and would be an easier target. Hell, my DSL connection is so slow, I really don't think anyone would want on anyway. Plus, I live in a small subdivision in the country so I doubt a hacker would try to get in my network anyway.
|
|
|
DMala |
Sleep is overrated
|
|
|
Reged: 05/09/05
|
Posts: 3989
|
Loc: Waltham, MA
|
|
Send PM
|
|
|
Re: Should have read more about WDS
[Re: redk9258]
#317775 - 11/24/13 07:55 AM
|
|
|
> Hell, sounds like I should just not even use wireless at all.
No, the takeaway is that properly configured encryption is much more effective than trying to "hide" your network. It's true that there's nothing of any particular value on your home network, if it takes an intruder more than 5 minutes to break in, he's likely to move on to a softer target.
|
|
|
|
Re: Should have read more about WDS
[Re: redk9258]
#317790 - 11/24/13 10:17 PM
|
|
|
> Hell, sounds like I should just not even use wireless at all. So, when a wireless > device is trying to connect to the network, it tells the SSID and MAC address so the > router will allow it to connect? I figured there are enough neighbors broadcasting > the SSID and would be an easier target. Hell, my DSL connection is so slow, I really > don't think anyone would want on anyway. Plus, I live in a small subdivision in the > country so I doubt a hacker would try to get in my network anyway.
Nah, the upshot is that if you set your security to WPA2 with AES encryption and define a decent password, it’s impractically difficult to crack, and you don’t need to bother with the snake oil. MAC address filtering makes life harder for you for no additional security, and a hidden SSID similarly makes your life harder but actually means your network name can end up being broadcast even more widely than it would otherwise.
|
|
|
|
in my case I need MAC filtering
[Re: Vas Crabb]
#317794 - 11/25/13 12:55 AM
|
|
|
for the streetpass trick... need a broadcast SSID of attwifi with no password. I live in base housing so I'm not too worried about having anybody nearby who can sniff out and spoof a MAC (or who would even THINK to do it for that matter)
Another case for a business would be port security. If I try to move a computer around my office at work, the computer and the port would be instantly knocked off of the network. I'm fairly certain that it's MAC based...
|
Just broke my personal record for number of consecutive days without dying!
|
|
|
Re: in my case I need MAC filtering
[Re: URherenow]
#317799 - 11/25/13 01:41 AM
|
|
|
> Another case for a business would be port security. If I try to move a computer > around my office at work, the computer and the port would be instantly knocked off of > the network. I'm fairly certain that it's MAC based...
That's an entirely different case. On a wired network you can't sniff the allowed MAC for a given port off the air, and they can lock out the port immediately on seeing an unauthorised MAC address so you can't try addresses until it works.
|
|
|